Huawei laptop 'backdoor' flaw raises concerns
- Published
A flaw in Huawei Matebook laptops, found by Microsoft researchers, could have been used to take control of machines, the Times has reported.
The "sophisticated flaw" had probably been introduced at the manufacturing stage, one expert told BBC News.
Huawei is under increasing scrutiny around the world over how closely it is tied to the Chinese government.
The company, which denies any collusion with Beijing, corrected the flaw after it was notified about it in January.
Prof Alan Woodward, a computer security expert based at Surrey University, told BBC News the flaw had the hallmarks of a "backdoor" created by the US's National Security Agency to spy on the computers of targets.
That tool was leaked online and has been used by a wide variety of hackers, including those who are state-sponsored and criminal gangs.
"It was introduced at the manufacture stage but the path by which it came to be there is unknown and the fact that it looks like an exploit that is linked to the NSA doesn't mean anything," Prof Woodward said.
"It could be organised crime gangs, which are increasingly interfering with the supply chain, or it could be someone playing geo-politics to discredit Huawei.
"There is no evidence that the company has done anything malicious or any evidence they were under pressure from the state."
The question remains, however, according to Prof Woodward: "How did the software engineering processes allow this on?
"This is not going to help their case or reduce people's concerns," he said.
The British intelligence community last week said that it could offer only "limited assurances" that long-term security risks from Huawei could be managed.
Prof Woodward said: "Huawei is critical to 5G, which in turn will be critical to a whole range of things, including future cities and autonomous cars.
"Disrupting this network could cause huge disruptions to society and I can see why people are worried about Huawei supplying this technology.
"They are headquartered in a country that has coercive laws and has made it clear that companies have to co-operate with the government and keep that secret."
- Published7 March 2019
- Published6 March 2019